This invention relates generally to authorization of server operations requested from user computers over data communications networks. Apparatus, systems and computer programs are provided for authorizing remote server operations and for controlling performance of operations by servers in dependence on such authorization.
There are numerous scenarios in which computer users communicate with a remote server via a data communications network to request performance of some operation by the server. Such a server is typically operated by the provider of a service for online access by remote users. The term “server” is used herein in the most general sense however, and includes any computer or system providing some service or functionality to connecting users. An operation performed by a server at a user's request might simply be granting the user access to some resource, for instance a database or restricted web site, or might be implementation of some transaction, such as a banking transaction, instructed by the user. In any case, the nature of the communications infrastructure is such that security is often a key concern, in particular ensuring that server operations are only performed for genuinely authorized users. In the case of electronic business carried out over the Internet, for example, online fraud is a constantly growing threat. Advanced attacks such as the infamous man-in-the-middle (MITM), and various types of malicious software such as viruses or Trojan horses, are increasing in prevalence, while countermeasures such as anti-virus software and firewalls always seem to be one step behind the attackers. Consequently user computers such as personal computers (PCs), as well as the Internet itself, must be considered inherently untrustworthy, presenting significant security risks for electronic transactions. By way of example, if a user connects from his PC to a portal of an online service provider to initiate a transaction, he cannot be sure that the transaction is not silently manipulated by some malicious software or MITM. A similar difficulty faces the service provider in that he cannot be sure that he is communicating with a genuine authorized user.
Various systems have been proposed to address some of the security issues in the above scenarios. For example, U.S. Pat. No. 6,895,502 discloses a security device which can be connected to a user PC and incorporates a reader for a smart card. When the user requests a resource from a remote server via his PC, the server responds by retrieving the user's public key and transmitting back an encrypted data blob including transaction information along with a challenge. The resource requested from the user PC is displayed on the security device, and the user can confirm whether he did or did not request this resource by input to the security device which is sent back to the server. This device allows the user of a given PC to give contemporaneous confirmation of resource requests issued one at a time from that PC. However, the system is vulnerable to “false-challenge” attacks. That is, any malicious party could generate an encrypted challenge under the user's public key and send it to the user PC, for example to confuse the user into replying. Moreover anyone can decrypt the user's reply message to a challenge with the user's public key. This system is therefore of limited usefulness and raises security and privacy issues of its own.
Our copending European Patent Application No. 07022419.1, filed on Nov. 19, 2007, discloses another device for connection to a user computer. This device is also described in “The Zurich Trusted Information Channel—An Efficient Defence against Man-in-the-Middle and Malicious Software Attacks”, Thomas Weigold et al., in P. Lipp, A. R. Sadeghi, and K. M. Koch (Eds.): TRUST 2008, LNCS 4968, pp. 75-91, Springer-Verlag Berlin Heidelberg 2008. This device sets up a secure, mutually-authenticated end-to-end connection with the server when prompted by a proxy application on the user PC which is contacted by the browser to connect to a specific bank URL (universal resource locator). The ensuing browser session is then conducted via the secure connection and monitored by the security device. If the device detects security-sensitive information such as bank transaction details, these are displayed on the device and the user can press a button to indicate his confirmation. Only if the security device receives this confirmation will it maintain the connection and forward the transaction request to the server. This device again allows the user of a given PC to give contemporaneous confirmation of requests issued one at a time from that PC, though in this case the entire server session is conducted via the secure connection under control of the security device which determines when user authorization is required.